Refine search Expand filter

Audit progress

- Any -

Sector

- Any -

Year

- Any -

Report type

- Any -

Topic

- Any -

Reports

Published

Fraud controls in local councils

Local Government
Fraud
Internal controls and governance
Management and administration
Risk

Many local councils need to improve their fraud control systems, according to a report released today by the Auditor-General for New South Wales, Margaret Crawford. The report highlights that councils often have fraud control procedures and systems in place, but are not ensuring people understand them and how they work. There is also significant variation between councils in the quality of their fraud controls.

Fraud can directly influence councils’ ability to deliver services, and undermine community confidence and trust. ICAC investigations, such as the recent Operation Ricco into the former City of Botany Bay Council, show the financial and reputational damage that major fraud can cause. Good fraud control practices are critical for councils and the community. 

The Audit Office of New South Wales 2015 Fraud Control Improvement Kit (the Kit) aligns with the Fraud and Corruption Control Standard AS8001-2008 and identifies ten attributes of an effective fraud control system. This audit used the Kit to assess how councils manage the risk of fraud. It identifies areas where fraud control can improve. 

Fraud can disrupt the delivery and quality of services and threaten the financial stability of councils.

Recent reviews of local government in Queensland and Victoria identify that councils are at risk of fraud because they purchase large quantities of goods and services using devolved decision making arrangements. The Queensland Audit Office in its 2014–15 report 'Fraud Management in Local Government' found that ‘Councils are exposed to high-risks of fraud and corruption because of the high volume of goods and services they procure, often from local suppliers; and because of the high degree of decision making vested in councils'. They also highlight some common problems faced by councils including the absence of fraud control plans and failure to conduct regular reviews of their internal controls. Also, in 2008 and 2012 the Victorian Auditor-General identified the importance of up-to-date fraud control planning, clearly documented related policies, training staff to identify fraud risks and the importance of controls such as third party management. 

Investigations into councils by the NSW Independent Commission Against Corruption (ICAC), such as the recent Operation Ricco, show the impact that fraud can have on councils. These impacts include significant financial loss, and negative public perceptions about how well councils manage fraud. The findings of these investigations also show the importance of good fraud controls for councils.

Operation Ricco

In its report on Operation Ricco, the ICAC found that the Chief Financial Officer (CFO) of the City of Botany Bay Council and others dishonestly exercised official functions to obtain financial benefits for themselves and others by causing fraudulent payments from the Council for their benefit. It also identified the CFO received inducements for favourable treatment of contractors.

The report noted that there were overwhelming failures in the council’s procedures and governance framework that created significant opportunities for corruption, of which the CFO and others took advantage.

It found weaknesses across a wide variety of governance processes and functions, including those involving the general manager, the internal audit function, external audit, and the operation of the audit committee.
Source: Published reports of ICAC investigations July 2017.

The strength of fraud control systems varies significantly across New South Wales local councils, and many councils we surveyed need to improve significantly. 

Most surveyed councils do not have fraud control plans that direct resources to mitigating the specific fraud risks they face. Few councils reported that they conduct regular risk assessments or health checks to ensure they respond effectively to the risks they identify. 

There are sector wide weaknesses that impact on the strength of councils' fraud control practice. Less than one-third of councils that responded to the survey:

  • communicate their expectations about ethical conduct and responsibility for fraud control to staff 
  • regularly train staff to identify and respond to suspected fraud
  • inform staff or the wider community how to report suspected fraud and how reports made will be investigated.

The audit also identified a pattern of councils developing policies, procedures or systems without ensuring people understand them, or assessing that they work. This reduces the likelihood that staff will actually use them. 

In general, metropolitan and regional councils surveyed have stronger fraud control systems than rural councils. 

Newly amalgamated councils are operating with systems inherited from two or more pre-amalgamated councils. These councils are developing new systems for their changed circumstances.

Five councils surveyed reported that they did not comply with the Public Interest Disclosure Act 1994

Observations for the sector:
Councils should improve their fraud controls by:

  • tailoring fraud control plans to their circumstances and specific risks
  • systematically and regularly reviewing their fraud risks and fraud control systems to keep their plans up to-date
  • effectively communicating fraud risks, and how staff and the community can report suspected fraud 
  • ensuring that they comply with the Public Interest Disclosure Act 1994.

Recommendation:
That the Office of Local Government: 

  • work with councils to ensure they comply with the Public Interest Disclosure Act 1994.
     
Despite several New South Wales state entities collecting data on suspected fraud, the cost, extent, and nature of fraud in local councils is not clear. 
There are weaknesses in data collection and categorisation. Several state entities receive complaints about councils. These entities often do not separate complaints about fraud from other complaint data, do not separate local council data from other public-sector data, and do not separate complaints about council decisions or councillors from complaints about council staff conduct. Complaints about one incidence of suspected fraud can also be reported multiple times. 
Collaboration between state entities and councils to address these weaknesses in data collection could provide a clearer picture to the public and councils on the incidence of suspected fraud. Better information may also help councils decide where to focus fraud control efforts and apply resources more effectively.
Including measures for fraud control strength and maturity in the OLG performance framework may also improve practice in councils. Further, OLG may want to consider how a revised Model Code could better drive fraud control practice in councils.
Recommendations
That the Office of Local Government:
  •  work with state entities and councils to develop a common approach to how fraud complaints and incidences are defined and categorised so that they can:
    • better use data to provide a clearer picture of the level of fraud within councils
    • measure the effectiveness of, and drive improvement in councils' fraud controls systems

Appendix one – Response from agency 

Appendix two – Survey results

Appendix three – About the audit   

Appendix four – Performance auditing

 

Parliamentary reference - Report number #303 - released 22 June 2018 

Published

Managing risks in the NSW public sector: risk culture and capability

Finance
Health
Justice
Treasury
Internal controls and governance
Management and administration
Risk
Workforce and capability

The Ministry of Health, NSW Fair Trading, NSW Police Force, and NSW Treasury Corporation are taking steps to strengthen their risk culture, according to a report released today by the Auditor-General, Margaret Crawford. 'Senior management communicates the importance of managing risk to their staff, and there are many examples of risk management being integrated into daily activities', the Auditor-General said.

We did find that three of the agencies we examined could strengthen their culture so that all employees feel comfortable speaking openly about risks. To support innovation, senior management could also do better at communicating to their staff the levels of risk they are willing to accept.

Effective risk management is essential to good governance, and supports staff at all levels to make informed judgements and decisions. At a time when government is encouraging innovation and exploring new service delivery models, effective risk management is about seizing opportunities as well as managing threats.

Over the past decade, governments and regulators around the world have increasingly turned their attention to risk culture. It is now widely accepted that organisational culture is a key element of risk management because it influences how people recognise and engage with risk. Neglecting this ‘soft’ side of risk management can prevent institutions from managing risks that threaten their success and lead to missed opportunities for change, improvement or innovation.

This audit assessed how effectively NSW Government agencies are building risk management capabilities and embedding a sound risk culture throughout their organisations. To do this we examined whether:

  • agencies can demonstrate that senior management is committed to risk management
  • information about risk is communicated effectively throughout agencies
  • agencies are building risk management capabilities.

The audit examined four agencies: the Ministry of Health, the NSW Fair Trading function within the Department of Finance, Services and Innovation, NSW Police Force and NSW Treasury Corporation (TCorp). NSW Treasury was also included as the agency responsible for the NSW Government's risk management framework.

Conclusion
All four agencies examined in the audit are taking steps to strengthen their risk culture. In these agencies, senior management communicates the importance of managing risk to their staff. They have risk management policies and funded central functions to oversee risk management. We also found many examples of risk management being integrated into daily activities.
That said, three of the four case study agencies could do more to understand their existing risk culture. As good practice, agencies should monitor their employees’ attitude to risk. Without a clear understanding of how employees identify and engage with risk, it is difficult to tell whether the 'tone' set by the executive and management is aligned with employee behaviours.
Our survey of risk culture found that three agencies could strengthen a culture of open communication, so that all employees feel comfortable speaking openly about risks. To support innovation, senior management could also do better at communicating to their staff the levels of risk they are willing to accept.
Some agencies are performing better than others in building their risk capabilities. Three case study agencies have reviewed the risk-related skills and knowledge of their workforce, but only one agency has addressed the gaps the review identified. In three agencies, staff also need more practical guidance on how to manage risks that are relevant to their day-to-day responsibilities.
NSW Treasury provides agencies with direction and guidance on risk management through policy and guidelines. Its principles-based approach to risk management is consistent with better practice. Nevertheless, there is scope for NSW Treasury to develop additional practical guidance and tools to support a better risk culture in the NSW public sector. NSW Treasury should encourage agency heads to form a view on the current risk culture in their agencies, identify desirable changes to that risk culture, and take steps to address those changes. 

In assessing an agency’s risk culture, we focused on four key areas:

Executive sponsorship (tone at the top)

In the four agencies we reviewed, senior management is communicating the importance of managing risk. They have endorsed risk management frameworks and funded central functions tasked with overseeing risk management within their agencies.

That said, we found that three case study agencies do not measure their existing risk culture. Without clear measures of how employees identify and engage with risk, it is difficult for agencies to tell whether employee's behaviours are aligned with the 'tone' set by the executive and management.

For example, in some agencies we examined we found a disconnect between risk tolerances espoused by senior management and how these concepts were understood by staff.

Employee perceptions of risk management

Our survey of staff indicated that while senior leaders have communicated the importance of managing risk, more could be done to strengthen a culture of open communication so that all employees feel comfortable speaking openly about risks. We found that senior management could better communicate to their staff the levels of risk they should be willing to accept.

Integration of risk management into daily activities and links to decision-making

We found examples of risk management being integrated into daily activities. On the other hand, we also identified areas where risk management deviated from good practice. For example, we found that corporate risk registers are not consistently used as a tool to support decision-making.

Support and guidance to help staff manage risks

Most case study agencies are monitoring risk-related skills and knowledge of their workforce, but only one agency has addressed the gaps it identified. While agencies are providing risk management training, surveyed staff in three case study agencies reported that risk management training is not adequate.

NSW Treasury provides agencies with direction and guidance on risk management through policy and guidelines. In line with better practice, NSW Treasury's principles-based policy acknowledges that individual agencies are in a better position to understand their own risks and design risk management frameworks that address those risks. Nevertheless, there is scope for NSW Treasury to refine its guidance material to support a better risk culture in the NSW public sector.

Recommendation

By May 2019, NSW Treasury should:

  • Review the scope of its risk management guidance, and identify additional guidance, training or activities to improve risk culture across the NSW public sector. This should focus on encouraging agency heads to form a view on the current risk culture in their agencies, identify desirable changes to that risk culture, and take steps to address those changes.

Appendix one - Response from agencies

Appendix two - Survey results

Appendix three - About the audit

Appendix four - Performance auditing

 

Parliamentary reference - Report number #298 - released 23 April 2018

Published

Report on Local Government 2017

Local Government
Asset valuation
Information technology
Internal controls and governance

Under section 421C of the Local Government Act 1993, I am pleased to present our first report on the statutory financial audits of councils, to NSW Parliament.

My appointment as the auditor of local government in New South Wales is the most significant change to the Auditor-General's mandate in nearly three decades.

Moving to the new audit arrangements over the past 18 months has been challenging but rewarding. It has confirmed my appreciation of local government – a sector passionate about the community and focused on delivering local services. 

The unique relationship each council has with its community differentiates it from other tiers of government.

Our audits
I am pleased to report that we completed 139 out of 140 financial statement audits for the 2016–17 audit cycle. The remaining council received an extension to lodge its financial statements.

We have also released a performance audit report on council reporting on service delivery. We will soon release another report on fraud controls in local councils and a report on council shared services later this year. 

  • While the new audit mandate brings immense responsibility, my office has embraced the challenges involved and the objectives that NSW Parliament gave us: 
  • strengthening governance and financial oversight in local government
  • providing greater consistency in external audit
  • ensuring reliable financial information is available to assess council performance
  • improving financial management, fiscal responsibility and public accountability in how councils use citizens’ funds.

This report
This report is rich in data extracted from the results of the 2016–17 financial audits. For the first time, it presents a consistent view of financial performance across the New South Wales local government landscape. The report also provides guidance and includes recommendations to councils and the Office of Local Government aimed at strengthening financial reporting, asset management, governance and internal controls.

The report will help NSW Parliament understand the common challenges that councils face. It provides points of comparison for councils and signposts matters that will be the focus of future audits. Importantly, this report and the data visualisation that accompanies it, provides comprehensive and accessible information to citizens regarding the management and performance of their councils.

I would like to acknowledge the cooperation of councils throughout the audit process and our partnerships with the contract audit firms that helped us to deliver the audits. Together we can learn from each other and work towards improving outcomes for the community.  

1.    Introduction
Local government sector NSW has 140 councils: 128 local councils serving a geographic area and 12 county councils formed for a specific purpose. 
We completed audits of 139 councils' 2016–17 financial statements and eight councils' 2015–16 financial statements. Bayside Council received a lodgement extension from the Office of Local Government (OLG) and has not yet presented their 2016–17 financial statements for audit.
Service delivery Each council provides a range of services, influenced by population density, demographics, the local economy, geographic and climatic characteristics. These differences influence the financial profile of councils.
2.    Financial reporting
Quality of financial reporting

The overall quality of financial reporting needs to improve:

  • we issued modified (qualified) audit opinions on the financial statements of three councils in 2016–17 and one council and one water authority in 2015–16
  • we reported 39 significant matters to 29 councils. They related to material accounting issues and significant deficiencies in internal controls
  • twenty-two councils required material adjustments to correct errors in previous audited financial statements
  • moderate risk issues were identified in financial statement preparation processes for 43 councils.

    OLG guidance for council year-end financial reporting needs to align with Australian Accounting Standards and be issued earlier.
Timeliness of financial reporting Timeliness of financial reporting needs to improve. Forty councils required lodgement extensions past the 31 October 2017 statutory reporting deadline.
3.    Financial performance and sustainability
Operating revenue Eighteen councils operating expenses exceed current operating revenue.
Fifty-nine councils do not meet OLG’s target of 60 per cent for own source operating revenue.
Liquidity and working capital Most councils have sufficient liquidity and working capital. However, there are indicators that:
  • three councils may not have the ability to meet short-term obligations as measured by the unrestricted current ratio
  • two councils may not have sufficient operating cash available to service debt as measured by the debt service cover ratio
  • eighteen councils do not meet the OLG benchmark for the collection of rates and annual charges 
  • five councils may not have sufficient cash to continue paying expenses without additional cash inflows as measured by the cash expense cover ratio.
Asset management measures Reporting against OLG’s asset management performance measures highlights that councils need to consider whether spending on existing infrastructure assets is sufficient to ensure they continue to meet service delivery standards:
  • seventy councils are not renewing assets in line with the rate of their depreciation
  • eighty-four councils did not meet OLG’s benchmark for managing the infrastructure maintenance backlog
  • seventy-one councils are not maintaining their assets in accordance with their asset management plans. 
4.    Asset management
High risk issues We reported ten high risk issues relating to councils’ asset management and accounting practices.
Asset reporting The accuracy of asset registers requires improvement and all assets need to be reported in the financial statements.
At 30 June 2017, 62 councils did not record all rural fire-fighting equipment in their financial statements. A large proportion of rural fire-fighting equipment is not reported in either State government or local government financial statements.
Asset valuation We reported seven high risk matters related to asset valuations, including two that resulted in qualified audit opinions.
Asset useful life estimates We identified that accounting for the useful lives of similar assets varied across councils, resulting in variable depreciation expense for these assets.
In addition, the useful lives of assets need to be reviewed annually. This review should be supported by current condition assessments.
Asset policy and planning Thirteen councils do not have an asset management strategy, policy and plan, as required by the Office of Local Government’s Integrated Planning and Reporting Framework.
5.    Governance and internal controls
High risk issues We reported 17 high risk issues relating to governance, financial accounting, purchasing and payables and payroll matters.
Governance There is currently no requirement for councils to have an audit, risk and improvement committee and internal audit function. Consequently, 53 councils do not have an audit committee and 52 councils do not have an internal audit function.
The Office of Local Government has incomplete information on the number of entities established by councils. There is no financial reporting framework for the variety of entities established by councils.
Councils can strengthen policies and procedures to support critical business processes, practices for risk management and compliance with key laws and regulations.
Internal controls Councils can improve internal controls over manual journals, reconciliations, purchasing and payables and payroll.
6.    Information technology
High risk issues We reported nine high risk issues relating to information technology.
Access to IT systems Controls over user access to IT systems need to be strengthened.
Information Technology governance IT governance benefits from appropriate policies, standards and guidelines across all critical IT processes. We identified that:
  • around one in four councils do not have an IT strategy or operational plan 
  • half of NSW councils have an IT security policy
  • seventeen councils do not have a documented plan to recover from a disaster.

 

Accurate and timely financial statements are an important element of sound financial management. They bring accountability and transparency to the way councils use public resources. Our financial audits assessed the following aspects of councils’ financial reporting:

  • quality of financial reporting
  • timeliness of financial reporting.
Observation Conclusion or recommendation
2.1 Quality of financial reporting

Qualified audit opinions
We issued unmodified audit opinions on the: 

  • 2016–17 financial statements of 136 councils and two water authorities 
  • 2015–163 financial statements for seven councils and two water authorities.
 The councils that received unmodified audit opinions prepared financial statements that fairly present their financial position and results. 

We issued modified (qualified) opinions on the:

  • 2016–17 financial statements of three councils 
  • 2015–16 financial statement of one council and one water authority.

Councils with modified opinions should address the issues that give rise to the audit qualification.
Significant audit matters
We reported 39 significant matters in 29 councils. They included material accounting issues and significant deficiencies in internal controls. Seventy-seven per cent of the matters related to assets.
 		 Significant issues with the quality of financial reporting delayed the completion of a number of audits. 
Improving the reporting on assets should be a priority. 
 
Prior period errors
We found 33 material errors worth $9.1 billion in the previous audited financial statements of 
22 councils. These all required prior-year audited balances to be corrected. Eighty eight per cent of these were asset related.
 		 The high number of asset-related prior-period errors reinforces the need for councils to improve the way they value and account for assets.
Financial statements
We reported 43 moderate risk findings where councils can improve the way they complete their financial statements.		 Recommendation
Councils can improve the quality of financial reporting by reviewing their financial statements close processes to identify areas for improvements.
 
Of the councils that had an audit, risk and improvement committee, 55 per cent of these did not review the financial statements before audit. Recommendation
Councils can improve the quality of financial reporting by involving an audit, risk and improvement committee in the review of financial statements.
 
OLG guidance
To support councils in preparing 30 June 2017 financial statements, OLG issued guidance documents in June 2017 and September 2017. This limited the time councils had to prepare financial statements in the prescribed form and resolve financial reporting and audit issues. 		 Recommendation
The Office of Local Government should release the Local Government Code of Accounting Practice and Financial Reporting and the End of Year Financial Reporting Circular earlier in the audit cycle, ideally by 30 April each year.
 
The Code applicable for the 2016–17 financial reporting period provided options and guidance that in some instances did not fully align with Australian Accounting Standards. Recommendation
The Local Government Code of Accounting Practice and Financial Reporting should align with Australian Accounting Standards.
2.2 Timeliness of financial reporting
Statutory deadlines
One hundred councils submitted audited financial statements to OLG by the statutory deadline of 31 October 2017.
Thirty-nine councils received reporting extensions up to 28 February, including 16 of the 20 newly amalgamated councils.
Bayside Council received a reporting extension to 31 May 2018 and has not yet presented their financial statements for audit.
 		 Councils need to improve their financial reporting processes in order to lodge their financial statements by the statutory reporting deadline.
Early close procedures
Councils currently do not use early close procedures to resolve accounting issues before the end of the financial year.		 Recommendation
The Office of Local Government should introduce early close procedures with an emphasis on asset valuations.

3 The Auditor‑General was appointed statutory auditor of eight councils for the 2015–16 reporting period at the specific request of councils, due to the failure by councils to appoint an auditor, or the inability of the previous auditor to complete the audit due to external investigation or auditor retirement.

Strong and sustainable financial performance provides the platform for councils to deliver services and respond to the needs of their community. This chapter outlines our audit observations on the performance of councils against the Office of Local Government's (OLG) performance indicators, grouped in three areas:

  • operating revenue performance measures
  • liquidity and working capital performance measures
  • asset management performance measures.

Our analysis indicates that some councils face challenges in meeting these performance and sustainability measures.

Observations Conclusions
3.1 Operating revenue performance measures

Operating performance
Operating expenses for 18 councils exceeded their operating revenue.

Another 20 councils would not have met OLG’s operating performance benchmark without the receipt of 2017–18 financial assistance grants which was recorded as revenue during 2016–17.

Eleven councils have not met OLG’s operating performance benchmark for the last three years.

 It is important that councils have financial management strategies that support their financial sustainability and ability to meet OLG’s operating performance benchmark over the long term.
Operating performance measures how well councils contain operating expenses within operating revenue. OLG has prescribed a benchmark of greater than zero.  

Own source operating revenue
Fifty-nine councils did not meet OLG’s benchmark, and 42 of those were rural councils.

 Rural councils have high-value infrastructure assets that cover large areas with smaller populations and less capacity to raise revenue from alternative sources compared with metropolitan councils.
Own source operating revenue measures a council’s fiscal flexibility and the degree to which it can generate revenue from own sources compared with total revenue from all sources. OLG has prescribed a benchmark of more than 60 per cent of total revenue.  
3.2 Liquidity and working capital performance measures

Unrestricted current ratio
All but three councils met OLG’s benchmark.

 Most councils can meet short-term obligations as they fall due.
The unrestricted current ratio represents a council’s ability to meet its short-term obligations as they fall due. OLG has prescribed a benchmark of greater than 1.5 times.  

Debt service cover ratio
All but two councils met OLG’s benchmark. These two councils did not meet OLG’s benchmark due to the early repayment of borrowings.

Regional councils have 56 per cent of the value of all borrowings in the sector.

Most councils have sufficient operating cash available to service their borrowings.

Regional councils borrow more heavily than metropolitan councils to deliver water and sewerage infrastructure. Metropolitan councils do not have the responsibility to provide water and sewerage infrastructure.
The debt service cover ratio measures the operating cash available to service debt including interest, principal and lease payments. OLG has prescribed a benchmark of greater than two times.  

Rates and annual charges outstanding
Eight rural, five regional, three metropolitan and two county councils did not meet OLG’s benchmark.

These councils also did not meet the infrastructure backlog ratio.

 Most councils are collecting rates and annual charges levied. Councils with higher levels of uncollected rates and charges can experience increased pressure on the working capital available to fund operations.
The rates and annual charges outstanding measure assesses the impact of uncollected rates and annual charges on a council’s liquidity and the adequacy of debt recovery efforts. OLG has prescribed a benchmark of less than five per cent for metropolitan and less than ten per cent for other councils.  

Cash expense cover ratio
Three rural and two county councils did not meet OLG’s benchmark.

 Most councils have the capacity to cover more than three months of operating expenses.
The cash expense cover ratio indicates the number of months a council can continue paying its expenses without additional cash inflows. OLG has prescribed a benchmark of greater than three months.  

This measure does not exclude externally and internally restricted funds. If externally restricted funds are excluded, all councils would still meet OLG’s benchmark. If both externally and internally restricted funds are excluded:

  • an additional 32 councils would have a cash expense cover ratio of less than three months
  • a further nine councils are left without any unrestricted funds for general operations.
 Councils with a higher proportion of restricted funds may have less flexibility to pay operational expenses than the cash expense cover ratio suggests. However, councils can resolve to lift internal restriction if required.

3.3. Asset management performance measures (not audited)

Building and infrastructure renewals ratio
Seventy councils reported to OLG they do not meet the benchmark for this ratio.

Most councils included expenditure related to work-in-progress in calculating this ratio. OLG are of the view that work-in-progress should be excluded and as a result identified that a further 23 councils do not meet the benchmark.

These councils appear to not be renewing assets in line with the rate they are depreciating them. This raises questions as to whether council asset management plans are adequate to determine whether assets are being kept up to agreed standards.

Uncertainty on the inclusion of work-in-progress assets does need to be is clarified in order to ensure consistency in determining whether councils are adequately renewing their assets.
The building and infrastructure renewals ratio represents the rate at which assets are being renewed relative to the rate at which they are depreciating. OLG has prescribed a benchmark of greater than 100 per cent.  

Infrastructure backlog ratio
Eighty-four councils reported to OLG that they do not meet the benchmark for this ratio.

 These councils may not be maintaining their infrastructure backlog at a manageable level.
The infrastructure backlog ratio represents the proportion of infrastructure backlog relative to the total net book value of a council's infrastructure assets. OLG has prescribed a benchmark of less than two per cent.  

Asset maintenance ratio
Seventy-one councils reported to OLG they do not meet the benchmark for this ratio

 These councils’ maintenance expenditure may be insufficient to sustain their assets in a functional state so they reach their predicted useful life.
The asset maintenance ratio represents the rate at which assets are being maintained relative to the rate at which they are required to be maintained. OLG has prescribed a benchmark of greater than 100 per cent.  

Costs to bring assets to agreed service level
One-hundred and two councils reported results against this indicator to OLG. The reported results ranged from 0.1 per cent to 19.8 per cent.

 There is variability between councils in the amount of outstanding renewal works to be completed.
This ratio represents the estimated cost to renew or rehabilitate existing infrastructure assets that have reached the condition-based interval level adopted by a council, relative to the gross replacement cost of all infrastructure assets. OLG has not prescribed a benchmark for this performance measure.  

OLG’s benchmarks for financial performance and sustainability

Each local council has unique characteristics such as its size, location and services provided to their communities. These differences affect the nature of each council's assets and liabilities, revenue and expenses, and in turn the financial performance measures against which it reports.

The Office of Local Government prescribes performance indicators for council reporting

The analysis in this chapter is based on performance measures prescribed in OLG’s Code of Accounting Practice and Financial Reporting (the Code). Councils report against these measures in their annual report, which includes the audited financial statements and other unaudited information. In the audited financial statements, councils report performance against six financial sustainability measures:

  • operating performance
  • own source operating revenue
  • unrestricted current ratio
  • debt service cover ratio
  • rates and annual charges outstanding percentage
  • cash expense cover ratio.

Councils also include the unaudited Special Schedule 7 'Report on Infrastructure Assets' in their annual reports. In this schedule, councils report to OLG on performance against four further measures:

  • building and infrastructure renewals ratio
  • infrastructure backlog ratio
  • asset maintenance ratio
  • cost to bring assets to agreed service level.

Each audited measure and three of the four unaudited measures has a prescribed benchmark. OLG’s benchmarks are the same for metropolitan, regional, rural and county councils, with the exception of the rates and annual charges outstanding percentage. Regional, rural and county councils have a different benchmark to metropolitan councils for this measure.

Three rural councils did not meet three of the audited OLG benchmarks

Most councils met OLG’s benchmarks for at least five or all of the six audited performance measures. Eight rural, four regional, four metropolitan and two county councils did not meet OLG’s benchmarks for two out of the six audited performance measures. Three rural councils did not meet OLG’s benchmarks for three out of the six audited performance measures.

The following table summarises how the councils performed across the six audited performance measures.

Number of OLG benchmarks met by councils   Number of councils  
Metropolitan Regional Rural County
6 12 12 29 5
5 17 21 17 5
4 4 4 8 2
3 -- -- 3 --
Not available* 1 -- -- --
Total 34 37 57 12
* The financial statements for Bayside Council are not yet presented for audit.
Source: Audited Financial Statements for 2016–17.

Appendix ten lists the performance of each council against all performance measures.

NSW councils own and manage a significant range of assets, including infrastructure, property, plant and equipment with a total value of $136 billion.

Many of the issues that our local government audits identified related to asset management. This chapter discusses some of the asset accounting issues we found, focusing on five areas:

  • overall asset management issues
  • asset registers
  • asset valuation
  • recognition and asset useful life estimates
  • asset policy and planning.
Observations Conclusion or recommendation
4.1 High risk issues

Significant matters reported to those charged with council governance
Our 2016–17 audits identified ten high risk issues related to the accuracy of asset registers, restricted assets and asset revaluations.

 High risk issues affect council’s ability to maintain their assets in the condition required to deliver essential services.
4.2 Asset reporting

Accuracy of asset registers
Our audits identified instances where councils had multiple asset registers, inaccurate or incomplete registers, unreconciled registers, or uncontrolled manual spreadsheets.

 Maintaining accurate asset records is important as it enables councils to manage their assets effectively and report on finances appropriately.

Unrecorded land and infrastructure assets
Twenty-four councils had not recorded $145 million worth of assets, mainly land and infrastructure assets.

 Assets not captured in council records is at risk of not being subject to their care and control, nor recorded in the financial statements.

Rural fire-fighting equipment
At 30 June 2017, forty-six councils did report vested rural fire-fighting equipment in their financial statements. However, 62 councils did not record vested fire-fighting equipment in their financial statements. These rural fire‑fighting equipment assets are not reported in either State government or local government financial statements.

Recommendation
The Office of Local Government should address the different practices across the local government sector in accounting for rural fire‑fighting equipment before 30 June 2018.

In doing so, the Office of Local Government should work with NSW Treasury to ensure there is a whole‑of‑government approach.

4.3 Asset valuation

Restricted assets
Our audits found that ten councils did not appropriately consider restrictions on the use of community land and land under roads when determining asset fair values in accordance with Australian Accounting Standards.

Nine councils corrected the land values in their 2016–17 financial statements, reducing the reported value of community land and land under roads by $12.1 billion.

The valuation of community land and land under roads should reflect the physical and legislative restrictions on these assets as required by Australian Accounting Standards. The impact of restrictions can be significant.

Councils should consider engaging experts to assist with the determination of asset fair values, as necessary.
Asset revaluations
Our audits found many cases where councils did not review valuation results, comply with applicable codes, or work effectively with valuers to obtain accurate asset valuations.		 Valuing large infrastructure assets is a complex process. Councils would benefit if the process is started earlier and there is a clear plan to ensure valuations are appropriately managed and documented.

4.4 Asset useful life estimates

Asset useful life estimates
We found considerable variability in councils' useful lives for similar assets.

In some cases, the useful lives of assets are not reviewed annually or supported by regular condition assessment.

Depreciation is a significant expense for councils and therefore impacts on reported financial results and key performance indicators.

To comply with Australian Accounting Standards, councils need to reassess the useful lives of all assets annually.

Regular condition assessments are essential to identify maintenance requirements and maintain service delivery.

4.5 Asset policy and planning
Asset management strategy
Thirteen councils do not have an asset management policy, strategy and plan, as required by OLG's Integrated Planning and Reporting Framework. Newly amalgamated councils have until 30 June 2018 to implement this.		 An effective asset management strategy, policy and plan helps councils to manage their assets appropriately over their life cycle and to make informed decisions on the allocation of resources.

Asset overview

NSW councils own and manage a significant range of assets, including infrastructure, property, plant and equipment.

At 30 June 2017, the combined carrying value of NSW council assets was as follows.

Good governance systems help councils to operate effectively and comply with relevant laws and standards. Internal controls assist councils to operate reliably and produce effective financial statements.

This chapter highlights the high risk issues we found and reports on a range of governance and control areas. Governance and control issues relating to asset management and information technology are covered in separate chapters.

Observation Conclusion or recommendation
5.1 High risk issues
Significant matters reported to those charged with council governance
Our 2016–17 audits identified 36 high risk governance and internal control deficiencies across 17 councils.  Asset practices accounted for the highest number of high risk issues and information technology accounted for the largest overall number of control deficiencies. These matters are covered in chapters four and six respectively.
We reported:
  • seventeen high risk issues relating to governance, purchase-to-pay, financial accounting and payroll processes
  • ten high risk issues relating to asset practices
  • nine high risk issues related to information technology management.
 High risk issues affect council’s ability to achieve their objectives and increase the risk of fraud and error. 
5.2 Governance
Audit committees
Councils are currently not required to have an audit, risk and improvement committee. Consequently, 53 councils do not have an audit committee.

Proposed legislative changes will require councils to establish an audit, risk and improvement committee by March 2021.

Recommendation
Councils should early adopt the proposed requirement to establish an audit, risk and improvement committee.

Internal audit
Councils are currently not required to have an internal audit function. Consequently, 52 councils do not have this function.

Recommendation
The Office of Local Government should introduce the requirement for councils to establish internal audit functions and update its 2010 Internal Audit Guidelines.

Council entities
The Office of Local Government's register of entities approved under section 358 of the Local Government Act 1993 is incomplete.

Recommendation
The Office of Local Government should maintain an accurate register of council entities approved under section 358 of the Local Government Act 1993.
The Local Government Act 1993 does not stipulate a financial reporting framework for council entities.    

Recommendation
The Office of Local Government should establish a financial reporting framework for council entities.

Policies and procedures
We identified 50 high and moderate risk issues across 33 councils where policies and procedures over critical business processes did not exist or had not been updated.

 It is important there are current policies, standards and guidelines available to staff and contractors across all critical business processes.

Legislative compliance frameworks
Our audits found that 45 councils do not have sufficient processes to show they are complying with legislative requirements.

 Councils can improve practices in monitoring compliance with key laws and regulations. This includes implementing a legislative compliance framework, register and policy.

Risk management
We identified 15 high and moderate risk issues across 15 councils where risk management practices could be strengthened.

 Council risk management practices are enhanced when there is a fit-for-purpose risk management framework, register and policy to outline how risks are identified, managed and monitored.
5.3 Internal controls

Financial accounting
We identified 45 high and moderate risk control deficiencies across 41 councils concerning the use of manual journals to adjust council financial records. This can increase the risk of fraud and error.

We identified 51 high and moderate risk issues across 39 councils where reconciliation processes need to improve to support the preparation of accurate financial statements

Sound financial accounting processes include controls to ensure:

  • a person other than the preparer authorises manual journals
  • key account reconciliations are prepared and reviewed.
Purchasing and payables
We found 102 high and moderate risk deficiencies in purchasing and payable controls across 64 councils. Sound purchasing controls are important to minimise error, unauthorised purchases, fraud and waste.

As councils spend a substantial amount each year to procure goods and services, strong controls over purchasing and payment practices are critical. These include:

  • a review of changes to vendor master file data by an appropriate independent officer
  • an independent review and approval of purchases, including credit card transactions
  • compliance with Tendering Guidelines for NSW Local Government.

Payroll
We identified 71 high and moderate risk deficiencies in payroll controls across 48 councils. Weaknesses in payroll controls could result in incorrect payments being made to employees, due to error or fraud.

Managing excess annual leave balances was a challenge for 32 councils.

Effective payroll controls are important because employee expenses represent a large portion of council expenditure. These controls include segregation of duties in the review of payroll master file data, timesheets, leave forms, payroll exception reports and termination payments.

Excessive annual leave balances can have implications on employee costs, disrupts service delivery and affect work, health and safety. Excess annual leave balances should be continuously monitored and managed.

Like most public sector agencies, councils increasingly rely on information technology (IT) to deliver services and manage sensitive information. While IT delivers considerable benefits, it also presents risks that councils need to address.

Our review of council IT systems focused on understanding the processes and controls that support the integrity, availability and security of the data used to prepare financial statements. This chapter outlines issues in three broad areas:

  • high risk issues
  • access to IT systems
  • IT governance.
Issues Conclusion
6.1 High risk issues
Significant matters reported to those charged with council governance
Our 2016–17 audits identified nine high risk IT control deficiencies across seven councils. The issues related to user access controls, privileged access controls and user developed applications. High risk issues affect council’s ability to achieve their objectives and increase the risk of fraud and error.
6.2 Access to IT systems
User access controls
We identified 107 issues across 56 councils where user access controls could be strengthened.

Inadequate IT policies and controls around user access, including privileged access, increases the risk of individuals having excessive or unauthorised access to critical financial systems and data.

Privileged access
We identified 86 examples across 64 councils of inappropriate privileged access, inadequate review of access and insufficient retention and review of access logs.

 

User developed applications
User developed applications (UDAs) are computing applications, tools and processes developed or managed outside IT administration. UDAs may allow users to bypass formal user access controls.

Our audits found 22 councils using spreadsheets for business operations, decision making and financial reporting that were not adequately secured, with changes that were not tracked, tested or reviewed.

We also identified five councils where finance staff and senior management use database query tools to directly modify financial data, circumventing system-based business process controls.

It is important councils are aware of all circumstances they are relying on UDAs to limit the risk of errors and potential misuse. This allows councils to:

  • transition UDA functions to internal systems where possible
  • ensure UDAs are adequately controlled where they continue to use them
  • regularly review access rights to UDAs and back-up business-critical information.
6.3 IT Governance

Strategy, policies and procedures
Around one in four councils do not have an IT strategy or operational plan. Some councils also need to develop or improve IT policies and procedures.

Sixty-six councils do not have an adequate information security policy.

IT governance is enhanced where there is:

  • a fit-for-purpose IT strategy and operational plan
  • appropriate policies, standards and guidelines across all critical IT processes
  • a formally defined process to support security and access to all systems.

Disaster recovery and business continuity
Our audits identified that 17 councils do not have a documented plan to recover critical business functions in the event of a disaster.

The ability to restore data from backups is critical to ensure business continuity in the face of a system disaster.

We also found that 15 councils do not periodically test their ability to restore backups of data relevant to financial reporting.

Sound management of disaster recovery and business continuity includes:

  • a documented plan for how critical business functions will be recovered in the event of a disaster, which is periodically reviewed and tested
  • the ability to restore backed-up data, which is periodically tested.

We expect to focus on these areas in our future audits.

Appendix one - Response from the Office of Local Government

Appendix two - List of recommendations

Appendix three - Sources of information and council classifications

Appendix four - Councils amalgamated in 2016

Appendix five - Status of audits

Appendix six - Council spending by function - Definitions from the local government code of accounting practice and financial reporting

Appendix seven - OLG’s performance indicators from the audited financial statement - Descriptions

Appendix eight - OLG’s performance indicators from the unaudited special schedule 7 - Descriptions

Appendix nine - Financial information

Appendix ten - OLG’s performance indicators

Appendix 11 - NSW Crown Solicitor’s advice

Click here to access the Report on Local Government 2017 Data Visualisation

Published

Volume Nine 2012 focusing on Education and Communities

Education
Community Services
Asset valuation
Financial reporting
Management and administration
Project management
Risk
Workforce and capability

In New South Wales in 2011, around 20 per cent of public school teachers were under 35 and less than 10 per cent were under 30. Nothing has changed during 2012. We need to do more to attract and retain young teachers to a profession that is essential for our children and our future prosperity.

Published

Volume Eight 2012 focusing on Transport and Ports

Transport
Industry
Compliance
Financial reporting
Fraud
Information technology
Infrastructure
Management and administration
Procurement
Project management
Regulation
Risk
Workforce and capability

We issued unqualified audit opinions on the transport entities’ 30 June 2012 financial statements.

Some of the findings of the report include:

  • government funding to the public transport operators totalled $4.4 billion in 2011-12 ($3.7 billion in 2010-11)

  • passenger services revenue only covered 20 per cent of RailCorp's operating costs

  • Transport for NSW has formalised a protocol to mitigate the risk of potential conflicts of interests

  • At present, no sustainability framework exists for the transport agencies around environment and sustainability. Transport for NSW should complete its Environment and Sustainability Policy Framework by June 2013 and should publicly report its results annually

  • Transport patronage continued to grow with 510 million journeys on train, bus and ferry services

  • CityRail had two peak hour periods where only 36 per cent and 39 per cent of services were on time

  • On-time running performance for Sydney Ferries was above the NSW 2021 plan target of 98.5 per cent for most routes in 2011-12

  • Customer surveys by transport agencies no longer specifically address crowding on public transport. Transport for NSW should observe and report on crowding on all transport modes

  • Over 2,500 transport staff, or 8.3 per cent of the workforce, have excessive leave balances. All transport entities should do more to reduce excessive annual leave balances to ensure they will comply with new targets set by the Premier.

 

Published

Volume Seven 2012 focusing on Law, Order and Emergency Services

Justice
Compliance
Fraud
Internal controls and governance
Management and administration
Procurement
Project management
Workforce and capability

Since the Victims’ Compensation Scheme started in 1989, $1.6 billion has been paid to victims of crime, but only $57.4 million or nearly four per cent has been recovered from convicted offenders. The remaining 96 per cent has been funded by the taxpayer.

Published

Volume Five 2012 focusing on superannuation, compensation and housing

Finance
Treasury
Premier and Cabinet
Community Services
Asset valuation
Compliance
Financial reporting
Information technology
Internal controls and governance
Procurement
Regulation

The NSW Government’s defined benefit superannuation funds have had positive returns for the last three years. However, the returns fell significantly in 2011-12. Global economic conditions led to substantial volatility and uncertainty in markets creating challenges for superannuation funds’ trustees.

Published

Managing Overtime: RailCorp and Roads and Maritime Services

Transport
Management and administration
Workforce and capability

Overtime is a significant cost for RailCorp and Roads and Maritime Services, adding about ten per cent to the cost of regular salaries. RailCorp’s overtime cost was $133.7 million in 2010–11, and at Roads and Maritime Services it cost $49.3 million.

 

Parliamentary reference - Report number #223 - released 20 June 2012

Published

Volume One 2012 focusing on themes from 2011

Health
Industry
Premier and Cabinet
Asset valuation
Compliance
Financial reporting
Fraud
Information technology
Infrastructure
Internal controls and governance
Management and administration
Procurement
Project management
Regulation
Risk
Shared services and collaboration

The following overview of audits from 2011 found agency restructures significantly impacted agency financial reporting processes, agencies are having difficulty establishing and enforcing compliance with their own policies and procedures, agencies experienced problems complying with regulations and providing adequate documentation to support their financial statements, the poor quality of some financial statements with 1,256 misstatements identified, 540 so significant they had to be corrected, deficiencies in information security exist across many agencies, computer system disaster recovery plans for financial systems not existing or outdated, do not align with agencies’ business recovery requirements, do not properly identify and assess critical systems and processes and testing is incomplete.

Published

Managing IT Services Contracts

Finance
Health
Justice
Compliance
Information technology
Internal controls and governance
Procurement
Project management
Risk

Neither agency (NSW Ministry of Health and NSW Police Force) demonstrated that they continued to get value for money over the life of these long term contracts or that they had effectively managed all critical elements of the three contracts we reviewed post award. This is because both agencies treated contract extensions or renewals as simply continuing previous contractual arrangements, rather than as establishing a new contract and financial commitment. Consequently, there was not a robust analysis of the continuing need for the mix and quantity of services being provided or an assessment of value for money in terms of the prices being paid.

 

Parliamentary reference - Report number #220 - released 1 February 2012

View our audit program
View audit program
EXPLORE
upcoming audits
Have your say
CONTRIBUTE